Tuesday, June 5, 2012

Defcon CTF Quals 2012 - urandom 300

This challenge was based on finding an efficient algorithm to a problem. The following information was provided

Server: 140.197.217.155:5601Password: d0d2ac189db36e15

First we connected to the given server and provided the password. The server responded with some text and some unprintable junk. So we wrote up a script to read what the server was sending. It turned out to be the following text

It was followed by 200000 bytes of data which consisted of 100000 unsigned integers which we were supposed to sort. We sorted the array in ruby and applied an algorithm like selection sort where we shifted each of the numbers to their respective index as per the sorted list. In the worst case the number of swaps was 99999(in case it was a reverse sorted list) and in the best case it would be zero if none of the numbers need to be swapped.

We needed to run it in a decent connection with high upload speed to get the key. On submitting the correct list of swaps, the server responded with the following: